---
# tasks file for push-container-registry
# This role install skopeo and the certificates
# needed to push container images to our production registry.
# Note : push to the candidate-registry is done using docker login
# see the login-registry role.

- name: install necessary packages
  package:
    name: "{{item}}"
    state: present
  with_items:
    - skopeo
  tags:
  - push-container-registry

- name: ensure cert dir exists
  file:
    path: "{{cert_dest_dir}}"
    state: directory
  tags:
  - push-container-registry

- name: install client cert for registry
  copy:
    src: "{{cert_src}}"
    dest: "{{cert_dest_dir}}/client.cert"
    owner: root
    group: "{{ certs_group }}"
    mode: 0640
  tags:
  - push-container-registry

- name: install client key for registry
  copy:
    src: "{{key_src}}"
    dest: "{{cert_dest_dir}}/client.key"
    group: "{{ certs_group }}"
    mode: 0640
  tags:
  - push-container-registry
